I have a 3 node swarm cluster. I spun up a registry container on node1 of my swarm cluster.

[root@worker1 ~]# curl -i 'http://localhost:5000/v2/'
HTTP/1.1 200 OK
Content-Length: 2
Content-Type: application/json; charset=utf-8
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
Date: Thu, 13 Apr 2017 11:39:31 GMT

A tag and push to the local registry worked:
[root@worker1 ~]# curl ‘http://localhost:5000/v2/bram/mynginx/tags/list’
{“name”:“bram/mynginx”,“tags”:[“1.0”]}

A curl from node2 gives:
[root@worker2 ~]# curl http://:5000/v2/bram/mynginx/tags/list
{“name”:“bram/mynginx”,“tags”:[“1.0”]}

But when I do a pull I get:
[root@worker2 ~]# docker pull 10.0.0.11:5000/bram/mynginx:1.0
Error response from daemon: Get https://:5000/v1/_ping: http: server gave HTTP response to HTTPS client

I added DOCKER_OPTS="–insecure-registry 10.0.0.11:5000" to /etc/default/docker and restarted the docker service but didn’t help.

Anyone an idea of what I am doing wrong?

Hi,

What distro are you using (including version), and what is your version of Docker ?
Are you using systemd? If yes, can you check with systemctl status docker that in dockerd command, the --insecure flag is correctly set?

Hi,

I am using RHEL7.3 on all machines. Docker version is the same on all machines as well:
Client:
Version: 17.04.0-ce
API version: 1.28
Go version: go1.7.5
Git commit: 4845c56
Built: Mon Apr 3 18:01:50 2017
OS/Arch: linux/amd64

Server:
Version: 17.04.0-ce
API version: 1.28 (minimum version 1.12)
Go version: go1.7.5
Git commit: 4845c56
Built: Mon Apr 3 18:01:50 2017
OS/Arch: linux/amd64
Experimental: false

I am using systemd yes… when checking the status I don’t see the --insecure-registry flag so it probably didn’t do anything with /etc/default/docker.
The file /etc/default/docker didn’t exist though, so I created it myself… don’t know if it does anything if it didn’t exist yet?!

Yes, I think the issue lies in your configuration file.
The Docker daemon configuration file is not expected to be /etc/default/docker but /etc/default/docker.json.
You have several options:

1. you can add directly the --insecure flag in the systemd unit file (/lib/systemd/system/docker.service):

ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry …

1. you can give your configuration file explicitly in the systemd unit file, before the ExecStart line:

EnvironmentFile=-/etc/default/docker

1. you can edit /etc/default/docker.json

{
“insecure-registries”:
}

With all options I get the same error when restarting the docker.service

Apr 13 14:27:39 worker2 systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Apr 13 14:27:39 worker2 systemd[1]: Failed to start Docker Application Container Engine.
Apr 13 14:27:39 worker2 systemd[1]: Unit docker.service entered failed state.
Apr 13 14:27:39 worker2 systemd[1]: docker.service failed.
Apr 13 14:27:39 worker2 systemd[1]: docker.service holdoff time over, scheduling restart.
Apr 13 14:27:39 worker2 systemd[1]: start request repeated too quickly for docker.service
Apr 13 14:27:39 worker2 systemd[1]: Failed to start Docker Application Container Engine.
Apr 13 14:27:39 worker2 systemd[1]: Unit docker.service entered failed state.
Apr 13 14:27:39 worker2 systemd[1]: docker.service failed.

The docker service restart failed ?
What changes did you do ?
Maybe I wasn’t clear in my previous answer but you don’t have to do all the options I gave you, the three solutions are equivalent.

I tried each of the 3 options seperate and every time the service failed to restart.

Seriously ? All failed ? You must have a typo, it’s not possible otherwise!
Personally, I prefer to have a distinct configuration file. So here is my conf (which works well):

• /etc/sysconfig/docker

OPTIONS=‘–exec-root /home/karin/docker-ce.exec --graph /home/karin/docker-ce.graph --insecure-registry docker-local.artifactory --insecure-registry docker-remote.artifactory --insecure-registry docker.artifactory’

• /lib/systemd/system/docker.service

[Service]
Type=notify
EnvironmentFile=-/etc/sysconfig/docker
ExecStart=/usr/bin/dockerd -H fd:// $OPTIONS

A systemctl daemon-reload and a systemctl restart docker should do the trick. I hope

Going to give it a retry today